1 /*
2  * Copyright (c) 2015, ARM Limited and Contributors. All rights reserved.
3  *
4  * Redistribution and use in source and binary forms, with or without
5  * modification, are permitted provided that the following conditions are met:
6  *
7  * Redistributions of source code must retain the above copyright notice, this
8  * list of conditions and the following disclaimer.
9  *
10  * Redistributions in binary form must reproduce the above copyright notice,
11  * this list of conditions and the following disclaimer in the documentation
12  * and/or other materials provided with the distribution.
13  *
14  * Neither the name of ARM nor the names of its contributors may be used
15  * to endorse or promote products derived from this software without specific
16  * prior written permission.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
19  * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
22  * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
23  * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
24  * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
25  * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
26  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
27  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
28  * POSSIBILITY OF SUCH DAMAGE.
29  */
30 
31 #include <stdio.h>
32 #include <string.h>
33 #include <openssl/err.h>
34 #include <openssl/x509v3.h>
35 #include "ext.h"
36 #include "platform_oid.h"
37 #include "tbbr/tbb_ext.h"
38 #include "tbbr/tbb_key.h"
39 
/*
 * Non-volatile counter values written into the two NV counter extensions
 * of the tbb_ext table below.
 *
 * TODO: get these values from the command line
 *
 * NOTE(review): both values are compile-time constants equal to 0, so every
 * certificate built from this table carries the same counter value.
 * Presumably the boot firmware compares these extensions against platform
 * NV counters for rollback protection - confirm. If so, the counter cannot
 * be raised to retire an older signed image until these become configurable.
 */
#define TRUSTED_WORLD_NVCTR_VALUE	0
#define NORMAL_WORLD_NVCTR_VALUE	0
43 
/*
 * Table of the X.509 extensions used by the TBBR certificates.
 *
 * Slots are addressed with designated indices (the *_EXT identifiers, which
 * are declared outside this file), so the order of the entries in the source
 * does not matter; any identifier without an entry here is left as an
 * all-zero slot by the usual static-initialisation rules.
 *
 * Three kinds of entry appear:
 *   - EXT_TYPE_NVCOUNTER: ASN.1 INTEGER, value fixed at build time by the
 *     *_NVCTR_VALUE macros.
 *   - EXT_TYPE_PKEY: ASN.1 OCTET STRING, .data.key names the key whose
 *     public part the extension refers to.
 *   - EXT_TYPE_HASH: ASN.1 OCTET STRING, with an .opt string and no .data
 *     initialiser (zero-initialised here; presumably filled in once the
 *     image named by .opt has been hashed - confirm against the caller).
 *
 * NOTE(review): the long names say "(SHA256)", but nothing in this table
 * selects a digest algorithm; treat the label as descriptive only and check
 * the hashing code if the algorithm ever changes.
 */
static ext_t tbb_ext[] = {
	/* --- Non-volatile counters --- */
	[TZ_FW_NVCOUNTER_EXT] = {
		.type = EXT_TYPE_NVCOUNTER,
		.asn1_type = V_ASN1_INTEGER,
		.oid = TZ_FW_NVCOUNTER_OID,
		.sn = "TrustedWorldNVCounter",
		.ln = "Trusted World Non-Volatile counter",
		.data.nvcounter = TRUSTED_WORLD_NVCTR_VALUE,
	},
	[NTZ_FW_NVCOUNTER_EXT] = {
		.type = EXT_TYPE_NVCOUNTER,
		.asn1_type = V_ASN1_INTEGER,
		.oid = NTZ_FW_NVCOUNTER_OID,
		.sn = "NormalWorldNVCounter",
		.ln = "Normal World Non-Volatile counter",
		.data.nvcounter = NORMAL_WORLD_NVCTR_VALUE,
	},

	/* --- Trusted Boot Firmware (BL2) --- */
	[BL2_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL2_HASH_OID,
		.sn = "TrustedBootFirmwareHash",
		.ln = "Trusted Boot Firmware (BL2) hash (SHA256)",
		.opt = "bl2",
	},

	/* --- Trusted / Non-Trusted world keys --- */
	[TZ_WORLD_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = TZ_WORLD_PK_OID,
		.sn = "TrustedWorldPublicKey",
		.ln = "Trusted World Public Key",
		.data.key = TRUSTED_WORLD_KEY,
	},
	[NTZ_WORLD_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = NTZ_WORLD_PK_OID,
		.sn = "NonTrustedWorldPublicKey",
		.ln = "Non-Trusted World Public Key",
		.data.key = NON_TRUSTED_WORLD_KEY,
	},

	/* --- SCP Firmware (BL30) --- */
	[BL30_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL30_CONTENT_CERT_PK_OID,
		.sn = "SCPFirmwareContentCertPK",
		.ln = "SCP Firmware content certificate public key",
		.data.key = BL30_KEY,
	},
	[BL30_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL30_HASH_OID,
		.sn = "SCPFirmwareHash",
		.ln = "SCP Firmware (BL30) hash (SHA256)",
		.opt = "bl30",
	},

	/* --- SoC AP Firmware (BL31) --- */
	[BL31_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL31_CONTENT_CERT_PK_OID,
		.sn = "SoCFirmwareContentCertPK",
		.ln = "SoC Firmware content certificate public key",
		.data.key = BL31_KEY,
	},
	[BL31_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL31_HASH_OID,
		.sn = "SoCAPFirmwareHash",
		.ln = "SoC AP Firmware (BL31) hash (SHA256)",
		.opt = "bl31",
	},

	/* --- Trusted OS (BL32) --- */
	[BL32_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL32_CONTENT_CERT_PK_OID,
		.sn = "TrustedOSFirmwareContentCertPK",
		.ln = "Trusted OS Firmware content certificate public key",
		.data.key = BL32_KEY,
	},
	[BL32_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL32_HASH_OID,
		.sn = "TrustedOSHash",
		.ln = "Trusted OS (BL32) hash (SHA256)",
		.opt = "bl32",
	},

	/* --- Non-Trusted Firmware (BL33) --- */
	[BL33_CONTENT_CERT_PK_EXT] = {
		.type = EXT_TYPE_PKEY,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL33_CONTENT_CERT_PK_OID,
		.sn = "NonTrustedFirmwareContentCertPK",
		.ln = "Non-Trusted Firmware content certificate public key",
		.data.key = BL33_KEY,
	},
	[BL33_HASH_EXT] = {
		.type = EXT_TYPE_HASH,
		.asn1_type = V_ASN1_OCTET_STRING,
		.oid = BL33_HASH_OID,
		.sn = "NonTrustedWorldBootloaderHash",
		.ln = "Non-Trusted World (BL33) hash (SHA256)",
		.opt = "bl33",
	},
};
150 
/*
 * Hand the tbb_ext table to the extension framework. REGISTER_EXTENSIONS is
 * not defined in this file (presumably it comes from ext.h - confirm), so
 * what registration does with the table cannot be stated from here.
 */
REGISTER_EXTENSIONS(tbb_ext);